From fac85678fb2c55e55a613578c74d473e90754ad8 Mon Sep 17 00:00:00 2001 From: syed-ali-tw Date: Tue, 19 Nov 2024 13:06:06 +0000 Subject: [PATCH] Remove Rails application secret and change to env secret to remove depraction warnings --- .../link_checker_api_controller.rb | 2 +- app/services/link_check_report_creator.rb | 2 +- config/application.rb | 2 +- config/secrets.yml | 26 ------------------- .../link_check_reports_controller_test.rb | 2 +- .../link_checker_api_controller_test.rb | 2 +- test/integration/edition_link_check_test.rb | 2 +- .../link_check_report_creator_test.rb | 2 +- 8 files changed, 7 insertions(+), 33 deletions(-) delete mode 100644 config/secrets.yml diff --git a/app/controllers/link_checker_api_controller.rb b/app/controllers/link_checker_api_controller.rb index 18f28cd21..640d9fc65 100644 --- a/app/controllers/link_checker_api_controller.rb +++ b/app/controllers/link_checker_api_controller.rb @@ -46,6 +46,6 @@ def verify_signature end def webhook_secret_token - Rails.application.secrets.link_checker_api_secret_token + ENV.fetch("LINK_CHECKER_API_SECRET_TOKEN") end end diff --git a/app/services/link_check_report_creator.rb b/app/services/link_check_report_creator.rb index 7201aacd0..abf8c8080 100644 --- a/app/services/link_check_report_creator.rb +++ b/app/services/link_check_report_creator.rb @@ -48,7 +48,7 @@ def call_link_checker_api GdsApi.link_checker_api.create_batch( uris, webhook_uri: callback_url, - webhook_secret_token: Rails.application.secrets.link_checker_api_secret_token, + webhook_secret_token: ENV.fetch("LINK_CHECKER_API_SECRET_TOKEN"), ) end diff --git a/config/application.rb b/config/application.rb index b4cf073bc..bdd28ba3b 100644 --- a/config/application.rb +++ b/config/application.rb @@ -63,7 +63,7 @@ class Application < Rails::Application config.asset_host = ENV.fetch("ASSET_HOST", nil) config.action_mailer.notify_settings = { - api_key: Rails.application.secrets.notify_api_key || "fake-test-api-key", + api_key: ENV.fetch("GOVUK_NOTIFY_API_KEY", "fake-test-api-key"), } config.generators do |g| diff --git a/config/secrets.yml b/config/secrets.yml deleted file mode 100644 index 03c910594..000000000 --- a/config/secrets.yml +++ /dev/null @@ -1,26 +0,0 @@ -# Be sure to restart your server when you modify this file. - -# Your secret key is used for verifying the integrity of signed cookies. -# If you change this key, all old signed cookies will become invalid! - -# Make sure the secret is at least 30 characters and all random, -# no regular words or you'll be exposed to dictionary attacks. -# You can use `rails secret` to generate a secure secret key. - -# Make sure the secrets in this file are kept private -# if you're sharing your code publicly. - -development: - secret_key_base: p647607dffea898a0f668fea448896db7ca3a0527f9e926db3ae629617cd64e16d2b4d357dcb312ed3f4ae5daaad98c589bb0ef1da4c251c0234b457d2e4a49f - link_checker_api_secret_token: stk3ffv3DvpKfHmsU4pbxsxc - -test: - secret_key_base: 073ab37a8631ad8caf644cb52662e222b95cac9a0ed4b8523f86819e50c544dfc49c12aa58090604b490235424fa77d66c10b016ecc706acf83193d2c6090318 - link_checker_api_secret_token: stk3ffv3DvpKfHmsU4pbxsxc - -# Do not keep production secrets in the repository, -# instead read values from the environment. -production: - secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> - link_checker_api_secret_token: <%= ENV["LINK_CHECKER_API_SECRET_TOKEN"] %> - notify_api_key: <%= ENV["GOVUK_NOTIFY_API_KEY"] %> diff --git a/test/functional/link_check_reports_controller_test.rb b/test/functional/link_check_reports_controller_test.rb index 8310e9bb5..5a90330f4 100644 --- a/test/functional/link_check_reports_controller_test.rb +++ b/test/functional/link_check_reports_controller_test.rb @@ -16,7 +16,7 @@ class LinkCheckReportsControllerTest < ActionController::TestCase uris: ["https://www.gov.uk"], id: 1234, webhook_uri: link_checker_api_callback_url(host: Plek.find("publisher")), - webhook_secret_token: Rails.application.secrets.link_checker_api_secret_token, + webhook_secret_token: ENV["LINK_CHECKER_API_SECRET_TOKEN"], ) end diff --git a/test/functional/link_checker_api_controller_test.rb b/test/functional/link_checker_api_controller_test.rb index c968ec7fb..e9b507cca 100644 --- a/test/functional/link_checker_api_controller_test.rb +++ b/test/functional/link_checker_api_controller_test.rb @@ -48,7 +48,7 @@ def campaign_edition_link_check_report def set_headers(post_body) headers = { "Content-Type": "application/json", - "X-LinkCheckerApi-Signature": generate_signature(post_body.to_json, Rails.application.secrets.link_checker_api_secret_token), + "X-LinkCheckerApi-Signature": generate_signature(post_body.to_json, ENV.fetch("LINK_CHECKER_API_SECRET_TOKEN")), } request.headers.merge! headers diff --git a/test/integration/edition_link_check_test.rb b/test/integration/edition_link_check_test.rb index 825bd11bf..7a5a8f9e4 100644 --- a/test/integration/edition_link_check_test.rb +++ b/test/integration/edition_link_check_test.rb @@ -13,7 +13,7 @@ class EditionLinkCheckTest < LegacyJavascriptIntegrationTest uris: ["https://www.gov.uk"], id: 1234, webhook_uri: link_checker_api_callback_url(host: Plek.find("publisher")), - webhook_secret_token: Rails.application.secrets.link_checker_api_secret_token, + webhook_secret_token: ENV.fetch("LINK_CHECKER_API_SECRET_TOKEN"), ) @place = FactoryBot.create(:place_edition, introduction: "This is [link](https://www.gov.uk) text.") diff --git a/test/unit/services/link_check_report_creator_test.rb b/test/unit/services/link_check_report_creator_test.rb index 474f28488..8543ef936 100644 --- a/test/unit/services/link_check_report_creator_test.rb +++ b/test/unit/services/link_check_report_creator_test.rb @@ -14,7 +14,7 @@ def create_edition(govspeak) uris: ["https://www.gov.uk"], id: 1234, webhook_uri: link_checker_api_callback_url(host: Plek.find("publisher")), - webhook_secret_token: Rails.application.secrets.link_checker_api_secret_token, + webhook_secret_token: ENV.fetch("LINK_CHECKER_API_SECRET_TOKEN"), ) end